File(s) under permanent embargo
Segregation-of-duties conflicts in the insider threat landscape: an overview and case study
conference contributionposted on 2015-01-01, 00:00 authored by Sherwin Ballesteros, Lei PanLei Pan, Lynn BattenLynn Batten, Gang LiGang Li
Many insider attacks originate from misuse of privileges granted by organizations to their internal employees, contractors or third-party service providers. A fundamental means of ensuring that conflicts of privilege cannot occur is to segregate role allocations in order to ensure that no individual can perform a task from beginning to end. In this paper, we provide background on insider attacks in connection with conflicts in Segregation of Duties, and present the current strategies for preventing and detecting such conflicts. To illustrate how a conflict can occur and what can result, we present an in-depth case study demonstrating a conflict in Segregation of Dutiesin an organization, along with the consequent fraud, and we discuss how it might have been prevented.